// Pull in the boilerplate template for the snort.conf
// configuration file. The contents of the template along
// with substituted variables are stored in $snort_conf_text
// (which is defined in the included file).
include "/usr/local/pkg/snort/snort_conf_template.inc";
// Now write out the conf file using $snort_conf_text contents
@file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text);
unset($snort_conf_text);
// Create the actual rules files and save them in the interface directory
snort_prepare_rule_files($snortcfg, $snortcfgdir);
// Clean up variables we no longer need and free memory
unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type);
unset($home_net, $external_net, $ipvardef, $portvardef);
// Create barnyard2.conf file for interface
if ($snortcfg['barnyard_enable'] == 'on') {
snort_generate_barnyard2_conf($snortcfg, $if_real);
}
}
/* create snort bootup file snort.sh */
snort_create_rc();
/* Set Log Limit, Block Hosts Time and Rules Update Time */
snort_snortloglimit_install_cron(true);
snort_rm_blocked_install_cron($config['installedpackages']['snortglobal']['rm_blocked'] != "never_b" ? true : false);
snort_rules_up_install_cron($config['installedpackages']['snortglobal']['autorulesupdate7'] != "never_up" ? true : false);
/* Restore the last Snort Dashboard Widget setting if none is set */
if (!empty($config['installedpackages']['snortglobal']['dashboard_widget']) && stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE) {
$config['widgets']['sequence'] .= "," . $config['installedpackages']['snortglobal']['dashboard_widget'];
}
$rebuild_rules = false;
if ($pkg_interface != "console") {
update_output_window(gettext("Finished rebuilding Snort configuration files..."));
update_output_window(gettext("Please wait... downloading and updating configured rule types..."));
if ($pkg_interface != "console") {
$snort_gui_include = true;
}
include '/usr/local/pkg/snort/snort_check_for_rule_updates.php';
update_status(gettext("Generating snort.conf configuration file from saved settings..."));
$rebuild_rules = true;
/* Create the snort.conf files for each enabled interface */
$snortconf = $config['installedpackages']['snortglobal']['rule'];
foreach ($snortconf as $value) {
$if_real = get_real_interface($value['interface']);
/* create a snort.conf file for interface */
snort_generate_conf($value);
/* create barnyard2.conf file for interface */
if ($value['barnyard_enable'] == 'on') {
snort_generate_barnyard2_conf($value, $if_real);
}
}
/* create snort bootup file snort.sh */
snort_create_rc();
/* Set Log Limit, Block Hosts Time and Rules Update Time */
snort_snortloglimit_install_cron(true);
snort_rm_blocked_install_cron($config['installedpackages']['snortglobal']['rm_blocked'] != "never_b" ? true : false);
snort_rules_up_install_cron($config['installedpackages']['snortglobal']['autorulesupdate7'] != "never_up" ? true : false);
/* Add the recurring jobs created above to crontab */
configure_cron();
/* Restore the last Snort Dashboard Widget setting if none is set */
if (!empty($config['installedpackages']['snortglobal']['dashboard_widget']) && stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE) {
$config['widgets']['sequence'] .= "," . $config['installedpackages']['snortglobal']['dashboard_widget'];
}
$rebuild_rules = false;
